For people running wine or Crossover and using MS Office 2003 and related codes
it is necessary to do:
# setsebool -P allow_unconfined_mmap_low 1
To prevent AVC denials.
However there is recent publicity at
http://www.theregister.co.uk/2009/11/03/linux_kernel_vulnerability/
which highlights that there is still a vulnerability in the kernel if this is
set.
For people running f11 with this boolean set how can one run wine and still
remain secure? i.e. what should an admin do to protect the system?